Tag: cisa
-
Five-Year-Old D-Link Bugs See Active Exploitation
CISA Lists Flaws as Actively Exploited. Hackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. Attackers don’t care if a vulnerability is new or old. First seen on govinfosecurity.com Jump to…
-
CISA’s relationship with industry needs work to reestablish trust, experts say
Critics say budget cuts, job losses have hurt the agency’s ability to coordinate with private industry. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisas-industry-relationship-needs-trust/756941/
-
CISA & FEMA Announce $100M+ in Community Cybersecurity Grants
The grants are intended to help states, tribes, and localities enhance their cybersecurity resilience by providing them with monetary resources to reduce risks and implement new procedures. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cisa-fema-100m-cybersecurity-grants
-
#BHUSA: Microsoft and Google Among Most Affected as Zero Day Exploits Jump 46%
Forescout also observed a big rise in CVEs added to CISA’s KEV catalog, some of which impacted end-of-life products First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-google-zero-day-exploits/
-
Ex-CISA Head Easterly: Rescinded West Point Post Victim of ‘Manufactured Outrage’
Jen Easterly, a West Point graduate who led CISA during the Biden Administration, had her appointment to head a department at the academy rescinded after a complaint by Laura Loomer, a right-wing MAGA adherent who spoke out in a X posting to Defense Secretary Pete Hegseth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ex-cisa-head-easterly-rescinded-west-point-post-victim-of-manufactured-outrage/
-
CISA releases Thorium, an open-source, scalable platform for malware analysis
Tags: access, ceo, cio, cisa, compliance, container, control, cyber, cybersecurity, data, docker, framework, github, governance, incident response, kubernetes, malware, open-source, privacy, risk, skills, toolRethinking malware analysis at scale: Enterprise-grade malware analysis tools and platforms have been widely used in the security community. But many of them require paid licenses, lack orchestration at scale, or are difficult to integrate with enterprise workflows. Experts view Thorium as a significant democratization of advanced malware analysis technology.”It is a big deal as…
-
CISA roasts unnamed critical national infrastructure body for shoddy security hygiene
Plaintext passwords, shared admin accounts, and insufficient logging rampant at mystery org First seen on theregister.com Jump to article: www.theregister.com/2025/08/02/cisa_coast_guard_cni/
-
Response to CISA Advisory (AA25-212A): CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
In response to the recently published CISA Advisory (AA25-212A), AttackIQ has provided actionable recommendations to help organizations emulate such attacks. These recommendations enable organizations to emulate tactics and techniques, helping to assess and improve their defenses against similar adversarial behaviors. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/response-to-cisa-advisory-aa25-212a-cisa-and-uscg-identify-areas-for-cyber-hygiene-improvement-after-conducting-proactive-threat-hunt-at-us-critical-infrastructure-org…
-
CISA Releases Free Thorium Malware Analysis Tool
Thorium enhances cybersecurity teams’ defense capabilities by seamlessly integrating commercial, open-source, and custom tools used to analyze malware. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/cisa-releases-free-thorium-malware-analysis-tool
-
CISA released Thorium platform to support malware and forensic analysis
CISA releases Thorium, an open-source tool for malware and forensic analysis, now available to analysts in government, public, and private sectors. CISA has released Thorium, a new open-source platform designed to support malware and forensic analysis. The platform was designed in collaboration with Sandia National Laboratories, the US Agency presented it as a scalable, open-source platform…
-
CISA Releases Thorium: Open-Source Malware and Forensics Tool Now Public
The Cybersecurity and Infrastructure Security Agency (CISA) has made a significant contribution to the cybersecurity community by publicly releasing Thorium, a powerful open-source platform designed to revolutionize malware analysis and digital forensics operations. This announcement marks a major milestone in democratizing advanced cybersecurity tools for organizations worldwide. Partnership with Sandia National Laboratories CISA, in partnership…
-
Review: CISA Certified Information Systems Auditor Practice Tests
Tags: cisaCISA Certified Information Systems Auditor Practice Tests offers practical, domain-by-domain prep for the CISA exam, with hundreds of questions covering key objectives and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/01/review-cisa-certified-information-systems-auditor-practice-tests/
-
Review: CISA Certified Information Systems Auditor Practice Tests
Tags: cisaCISA Certified Information Systems Auditor Practice Tests offers practical, domain-by-domain prep for the CISA exam, with hundreds of questions covering key objectives and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/01/review-cisa-certified-information-systems-auditor-practice-tests/
-
Feds still trying to crack Volt Typhoon hackers’ intentions, goals
A CISA official said they’re looking at the potential impact and what to do about Chinese hackers penetrating U.S. critical infrastructure. First seen on cyberscoop.com Jump to article: cyberscoop.com/feds-still-trying-to-crack-volt-typhoon-hackers-intentions-goals/
-
CISA open-sources Thorium platform for malware, forensic analysis
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced the public availability of Thorium, an open-source platform for malware and forensic analysts across the government, public, and private sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-open-sources-thorium-platform-for-malware-forensic-analysis/
-
CISA unveils free Thorium malware analysis platform
The goal of Thorium is to enable cyber defenders to bring automation to their existing analysis through simple tool integration and event-driven triggers, CISA said, adding that it is built to support cybersecurity teams across mission functions. First seen on therecord.media Jump to article: therecord.media/cisa-unveils-free-malware-analysis-tool
-
CISA Unveils Eviction Strategies Tool to Aid Incident Response
CISA has launched a new tool to streamline cyber incident response and aid in adversary eviction First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-eviction-strategies-tool/
-
Response to CISA Alert: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities
AttackIQ has released a new emulation that compiles the Tactics, Techniques, and Procedures (TTPs) associated with the exploitation of the CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, and CVE-2025-53771 vulnerabilities, which affect on-premises Microsoft SharePoint servers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/response-to-cisa-alert-microsoft-releases-guidance-on-exploitation-of-sharepoint-vulnerabilities/
-
Army Secretary forces West Point to rescind appointment given to Easterly
The U.S. Military Academy announced Tuesday that the former CISA head would join the Department of Social Sciences. Secretary Dan Driscoll pulled the offer Wednesday. First seen on cyberscoop.com Jump to article: cyberscoop.com/jen-easterly-west-point-mcdermott-chair-laura-loomer-dan-driscoll-army/
-
CISA Pledges to Release Salt Typhoon Report
Senator Declines to Lift Hold on Trump’s CISA Nominee Without Clear Timeline. The U.S. Cybersecurity and Infrastructure Security Agency plans to release a report on telecom vulnerabilities exploited in the Salt Typhoon cyberespionage campaign to help move along President Donald Trump’s nomination to lead the agency – but Sen. Ron Wyden still intends to delay…
-
Plankey nomination for CISA director advances to Senate floor
Sean Plankey’s nomination to direct the Cybersecurity and Infrastructure Security Agency advanced out of committee on Wednesday after languishing for several months, bringing him one step closer to confirmation. First seen on therecord.media Jump to article: therecord.media/plankey-advances-cisa-nomination
-
CISA’s Joint Cyber Defense Collaborative takes major personnel hit
JCDC’s troubles add to the woes of the already-depleted CISA, which could lose even more personnel as additional contracts with private companies expire. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-joint-cyber-defense-collaborative-contract-lapse/756231/
-
CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it
The agency has two months to publish its final rule. It will not meet that mark, but a new CISA director has the tools to move the program forward. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-sean-plankey-circia-deadline-op-ed/
-
CISA and FBI Release Tactics, Techniques, and Procedures of the Scattered Spider Hacker Group
The joint Cybersecurity Advisory AA23-320A, collaboratively issued by agencies such as the FBI, CISA, RCMP, ASD’s ACSC, AFP, CCCS, and NCSC-UK, serves as a critical update on the Scattered Spider cybercriminal group. Originally published in November 2023 and revised multiple times, most recently on July 29, 2025 this advisory highlights the group’s persistent and adaptive…
-
CISA caves to Wyden, agrees to release US telco insecurity report – but won’t say when
Tags: cisaThe security nerds’ equivalent of the Epstein files saga First seen on theregister.com Jump to article: www.theregister.com/2025/07/29/cisa_wyden_us_telecoms_insecurity_report/
-
CISA says it will release telecom security report sought by Sen. Wyden to lift hold on Plankey nomination
Tags: cisaThe Oregon Democrat has vowed to place a hold on the nomination to lead the agency until CISA releases the report. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-says-it-will-release-telecom-security-report-sought-by-sen-wyden-to-lift-hold-on-plankey-nomination/
-
FBI, CISA Warn About Scattered Spider Cyberattacks
The FBI and CISA issued updated guidance today on the Scattered Spider threat group, including information on recent attack techniques such as encrypting VMware ESXi servers with DragonForce ransomware. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/fbi-cisa-warn-about-scattered-spider/